Download
| Alert*
|
oval:org.secpod.oval:def:602084
libjs-jquery-ui is installed oval:org.secpod.oval:def:602122 The update for jqueryui in DSA-3249-1 introduced a regression where direct usage of the file jquery.ui.dialog.js can get broken due to a missing function definition. oval:org.secpod.oval:def:95048 jqueryui: JavaScript UI library for dynamic web applications Several security issues were fixed in jQuery UI. oval:org.secpod.oval:def:602063 Shadowman131 discovered that jqueryui, a JavaScript UI library for dynamic web applications, failed to properly sanitize its "title" option. This would allow a remote attacker to inject arbitrary code through cross-site scripting. oval:org.secpod.oval:def:1900727 Cross-site scripting vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. |
